a75fa45585
- Add 13 tests for security.py (logs, stats, filtering, error handling) - Add 5 tests for system.py (stats, audit log, notifications, token) - Test security log parsing (JSON and logfmt formats) - Test audit log classification and noise filtering - Test system stats format and data integrity - Improve test coverage for security-sensitive endpoints
66 lines
2.3 KiB
Python
66 lines
2.3 KiB
Python
"""Integration tests for system router"""
|
|
|
|
import pytest
|
|
|
|
|
|
def test_system_stats_endpoint(test_app, admin_headers):
|
|
"""Test system stats endpoint returns expected format"""
|
|
response = test_app.get("/api/system/stats", headers=admin_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert "cpu_percent" in data
|
|
assert "cpu_count" in data
|
|
assert "load_avg" in data
|
|
assert "memory" in data
|
|
assert "disk" in data
|
|
assert "uptime" in data
|
|
assert "platform" in data
|
|
assert "volumes" in data
|
|
|
|
|
|
def test_audit_log_endpoint(test_app, admin_headers, temp_volume_root):
|
|
"""Test audit log endpoint returns expected format"""
|
|
import os
|
|
|
|
audit_path = os.path.join(temp_volume_root, "docker/nas-dashboard/audit.log")
|
|
os.makedirs(os.path.dirname(audit_path), exist_ok=True)
|
|
with open(audit_path, "w") as f:
|
|
f.write("2024-01-01T10:00:00 1.2.3.4 admin GET /api/docker/containers 200 50ms\n")
|
|
|
|
response = test_app.get("/api/system/audit-log", headers=admin_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert "entries" in data
|
|
assert isinstance(data["entries"], list)
|
|
|
|
|
|
def test_audit_log_classifies_failed_auth(test_app, admin_headers, temp_volume_root):
|
|
"""Test audit log classifies failed auth as high severity"""
|
|
import os
|
|
|
|
audit_path = os.path.join(temp_volume_root, "docker/nas-dashboard/audit.log")
|
|
os.makedirs(os.path.dirname(audit_path), exist_ok=True)
|
|
with open(audit_path, "w") as f:
|
|
f.write("2024-01-01T10:00:00 1.2.3.4 - POST /api/auth/login 401 100ms\n")
|
|
|
|
response = test_app.get("/api/system/audit-log", headers=admin_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
if data["entries"]:
|
|
assert data["entries"][0]["level"] == "high"
|
|
|
|
|
|
def test_send_notification_missing_message(test_app, admin_headers):
|
|
"""Test send notification with missing message"""
|
|
response = test_app.post("/api/system/notify", json={}, headers=admin_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert data["ok"] is False
|
|
assert "error" in data
|
|
|
|
|
|
def test_openclaw_token_lan_only(test_app, admin_headers):
|
|
"""Test OpenClaw token endpoint requires LAN IP"""
|
|
response = test_app.get("/api/system/openclaw-token", headers=admin_headers)
|
|
assert response.status_code == 403
|